Security Standards - IT Library : ZDNet Asia

Case Studies

Vendor Webcast

Show all content

Title Date Added Company

PCI Compliance Cost Analysis: A Justified Expense 2007-12-12 Solidcore Systems

The Payment Card Industry Data Security Standard (PCI-DSS) was created by the credit card companies and is intended to protect cardholder data wherever it resides, ensuring that merchants and service providers maintain the highest degree of information security for their customers. While the standard is meant to have a positive impact on merchants, consumers and the retail industry, many retailers are still questioning its effectiveness and necessity in light of the high-cost to comply. A recent poll of 201 information technology (IT) and PCI compliance professionals reinforces this point.

PCI Policy Compliance Using Information Security Policies Made Easy 2007-12-10 Information Shield

Many organizations are building or updating written information security policies in response to the newly updated Payment Card Industry Data Security Standard (PCI-DSS). Written information security policies are fundamental to an effective information security program and required for compliance with many frameworks and regulations, including PCI, HIPAA, COBIT and many others. This paper describes how Information Shield security policy products can be used to save time and money and enable compliance with the PCI standard.

Tags: Security Management, Data Recovery - Security

Minimize the Burden of PCI Section 3: A New Approach to Credit Card Encryption 2007-12-01 Paymetric

Encryption represents one of the most important mandates for PCI compliance - and it also represents one of the most difficult requirements to implement successfully and cost effectively. This paper describes a new approach to managing encrypted data that significantly strengthens an organization's security posture, while minimizing the cost and effort of PCI compliance.

Tags: Security Management

PCI: How to Safeguard Customer Data Against Real Threats 2007-11-19 netForensics

Through PCI DSS, the card associations are taking a stand against online fraud, misuse of cardholder data and ID theft. PCI requires affected organizations to continuously monitor and manage the cardholder data environment, while maintaining a strong security posture against breaches and attacks. Protecting cardholder information involves addressing the risks associated with countless system components, including network devices, servers and applications. Merchants and service providers must implement broad policy-driven security programs to reduce the overall risk associated with storing, processing or transmitting cardholder data. nFX SIM One, along with the alignment of people, processes and technology, enables retailers and payment service providers to meet PCI objectives and ensure a resilient infrastructure.

Tags: Security Management

Meeting the PCI Application Security Requirements: Building Compliance In 2007-11-15 Ounce Labs

The security of customer payment data is not just a payment brand issue but is the responsibility of all businesses that participate in the payment process. All merchants and service providers that store, process and transmit payment card data are required by the payment brands to comply with the Payment Card Industry (PCI) Data Security Standard - their customers expect it and their reputations depend on it. Since 2005, over 215 million data records have been exposed as the result of security breaches. Uproar in the press, worldwide legislative bodies, and among consumers has spurred industry groups to work toward regulations and best practices concerning the security of private data.

Tags: Security Management, Data Recovery - Security

PCI DSS Compliance: A Difficult But Necessary Journey 2007-11-07 GFi Software

The need to comply with the Payment Card Industry Data Security Standard (PCI DSS) has been a rude wake up call for thousands of companies who believed their networks are secure and safe from security breaches. This standard is a set of network security requirements agreed upon by five of the major credit card companies in an attempt to stem the growth of credit card fraud around the world and to give a common interpretation of what security is all about. Since PCI DSS was launched, it has helped to expose serious security shortcomings, companies' failure to follow security best practice and a general lack of awareness of the security threats facing organizations today.

Facilitating Enterprise PCI DSS Compliance 2007-11-07 GlobalScape

With the advent of the Internet and the explosion of e-commerce, the payment card industry faces an unprecedented level of security risk. As PAN data is transmitted across an increasingly wide range of electronic networks, industry leaders realized they had to collaborate on how to address security risks to cardholder data. The PCI Security Standards Council created the PCI DSS - an authoritative roadmap for implementing high security systems and processes. The PCI DSS is a multifaceted security standard developed as a collaborative effort among six industry-leading companies: Visa, MasterCard, American Express, Diner's Club, Discover, and JCB USA, as well as many major merchants.

Tags: Security Management

Meeting the PCI Standard 2007-11-06 Solidcore Systems

Identity theft and credit card fraud is a large and growing problem. The Federal Trade Commission estimates that almost 10 million consumers were affected last year, at a cost of close to $50 billion. In order to combat this growing menace, Visa, MasterCard, American Express, Diners Club, Discover and other major credit card providers have joined together to introduce a compliance standard - the Payment Card Industry (PCI) Data Security Standard. The standard unites and supersedes the individual compliance standards such as Visa's CISP and MasterCard's SDP standards. This program is intended to protect cardholder data wherever it resides, ensuring that members, merchants and service providers maintain the highest levels of information security.

DB2 Security and PCI Compliance: A Best Practices Guide 2007-10-19 Protegrity

PCI is a set of collaborative security requirements for the protection of credit card transactions and cardholder data for all brands. This paper will review DB2 solutions that are compliant to the requirements for data at rest encryption in the PCI Data Security Standard and are based on a design that also provides separation of duties, audit, and central key management. The PCI standard incorporates sound and necessary security practices, such as encryption, continuous data access monitoring and control; assessments; auditing and implementation of comprehensive key management processes and procedures for keys used for encryption of cardholder data.

Tags: Data Recovery - Security, Best Practices

Identity-Based NAC and PCI Data Security Compliance 2007-10-18 Caymas Systems

The Payment Card Industry (PCI) has established a detailed set of requirements for merchants that store and process credit card data. This paper describes how key PCI security requirements for encryption, user authentication, virus and malware control, access control and audit can be met with a Caymas Identity-Based NAC appliance. Caymas NAC appliances can be used control access to databases and applications storing payment card data.

Tags: Security Management

Jump to 1 [2] 3 4 5 6 7 8 9 10

Title	Date Added	Company
PCI Compliance Cost Analysis: A Justified Expense	2007-12-12	Solidcore Systems
The Payment Card Industry Data Security Standard (PCI-DSS) was created by the credit card companies and is intended to protect cardholder data wherever it resides, ensuring that merchants and service providers maintain the highest degree of information security for their customers. While the standard is meant to have a positive impact on merchants, consumers and the retail industry, many retailers are still questioning its effectiveness and necessity in light of the high-cost to comply. A recent poll of 201 information technology (IT) and PCI compliance professionals reinforces this point.
PCI Policy Compliance Using Information Security Policies Made Easy	2007-12-10	Information Shield
Many organizations are building or updating written information security policies in response to the newly updated Payment Card Industry Data Security Standard (PCI-DSS). Written information security policies are fundamental to an effective information security program and required for compliance with many frameworks and regulations, including PCI, HIPAA, COBIT and many others. This paper describes how Information Shield security policy products can be used to save time and money and enable compliance with the PCI standard. Tags: Security Management, Data Recovery - Security
Minimize the Burden of PCI Section 3: A New Approach to Credit Card Encryption	2007-12-01	Paymetric
Encryption represents one of the most important mandates for PCI compliance - and it also represents one of the most difficult requirements to implement successfully and cost effectively. This paper describes a new approach to managing encrypted data that significantly strengthens an organization's security posture, while minimizing the cost and effort of PCI compliance. Tags: Security Management
PCI: How to Safeguard Customer Data Against Real Threats	2007-11-19	netForensics
Through PCI DSS, the card associations are taking a stand against online fraud, misuse of cardholder data and ID theft. PCI requires affected organizations to continuously monitor and manage the cardholder data environment, while maintaining a strong security posture against breaches and attacks. Protecting cardholder information involves addressing the risks associated with countless system components, including network devices, servers and applications. Merchants and service providers must implement broad policy-driven security programs to reduce the overall risk associated with storing, processing or transmitting cardholder data. nFX SIM One, along with the alignment of people, processes and technology, enables retailers and payment service providers to meet PCI objectives and ensure a resilient infrastructure. Tags: Security Management
Meeting the PCI Application Security Requirements: Building Compliance In	2007-11-15	Ounce Labs
The security of customer payment data is not just a payment brand issue but is the responsibility of all businesses that participate in the payment process. All merchants and service providers that store, process and transmit payment card data are required by the payment brands to comply with the Payment Card Industry (PCI) Data Security Standard - their customers expect it and their reputations depend on it. Since 2005, over 215 million data records have been exposed as the result of security breaches. Uproar in the press, worldwide legislative bodies, and among consumers has spurred industry groups to work toward regulations and best practices concerning the security of private data. Tags: Security Management, Data Recovery - Security
PCI DSS Compliance: A Difficult But Necessary Journey	2007-11-07	GFi Software
The need to comply with the Payment Card Industry Data Security Standard (PCI DSS) has been a rude wake up call for thousands of companies who believed their networks are secure and safe from security breaches. This standard is a set of network security requirements agreed upon by five of the major credit card companies in an attempt to stem the growth of credit card fraud around the world and to give a common interpretation of what security is all about. Since PCI DSS was launched, it has helped to expose serious security shortcomings, companies' failure to follow security best practice and a general lack of awareness of the security threats facing organizations today.
Facilitating Enterprise PCI DSS Compliance	2007-11-07	GlobalScape
With the advent of the Internet and the explosion of e-commerce, the payment card industry faces an unprecedented level of security risk. As PAN data is transmitted across an increasingly wide range of electronic networks, industry leaders realized they had to collaborate on how to address security risks to cardholder data. The PCI Security Standards Council created the PCI DSS - an authoritative roadmap for implementing high security systems and processes. The PCI DSS is a multifaceted security standard developed as a collaborative effort among six industry-leading companies: Visa, MasterCard, American Express, Diner's Club, Discover, and JCB USA, as well as many major merchants. Tags: Security Management
Meeting the PCI Standard	2007-11-06	Solidcore Systems
Identity theft and credit card fraud is a large and growing problem. The Federal Trade Commission estimates that almost 10 million consumers were affected last year, at a cost of close to $50 billion. In order to combat this growing menace, Visa, MasterCard, American Express, Diners Club, Discover and other major credit card providers have joined together to introduce a compliance standard - the Payment Card Industry (PCI) Data Security Standard. The standard unites and supersedes the individual compliance standards such as Visa's CISP and MasterCard's SDP standards. This program is intended to protect cardholder data wherever it resides, ensuring that members, merchants and service providers maintain the highest levels of information security.
DB2 Security and PCI Compliance: A Best Practices Guide	2007-10-19	Protegrity
PCI is a set of collaborative security requirements for the protection of credit card transactions and cardholder data for all brands. This paper will review DB2 solutions that are compliant to the requirements for data at rest encryption in the PCI Data Security Standard and are based on a design that also provides separation of duties, audit, and central key management. The PCI standard incorporates sound and necessary security practices, such as encryption, continuous data access monitoring and control; assessments; auditing and implementation of comprehensive key management processes and procedures for keys used for encryption of cardholder data. Tags: Data Recovery - Security, Best Practices
Identity-Based NAC and PCI Data Security Compliance	2007-10-18	Caymas Systems
The Payment Card Industry (PCI) has established a detailed set of requirements for merchants that store and process credit card data. This paper describes how key PCI security requirements for encryption, user authentication, virus and malware control, access control and audit can be met with a Caymas Identity-Based NAC appliance. Caymas NAC appliances can be used control access to databases and applications storing payment card data. Tags: Security Management

Security

Featured Whitepapers

Member Login

10 million IT Folks can't be wrong with their server choice.

Oracle Technology Solutions for Midsize Businesses

Country Report: India